Mobile Threats: Is Your Mobile Device a New 'Trojan Horse' in Disguise?
Sanjay Rohatgi, Senior Vice President, Asia Pacific, Symantec
Sanjay Rohatgi, Senior Vice President, Asia Pacific, Symantec
Threats in the mobile space are continuing to evolve, mature and grow year-on-year. Symantec’s Internet Security Threat Report Volume 23 reported a 54 percent increase in new mobile malware variants in 2017, with an average of 23,795 malicious mobile applications blocked on mobile devices each day. For organizations, what this means is that their IT teams have to aggressively defend against more varied threats on top of the growing volume.
With consumerization of IT and BYOD blurring the lines between corporate and personal, the adoption of mobile devices in the workplace is becoming more pervasive than ever, and potentially, the new ‘trojan horse’ we are embedding in our environment. Obtaining leaked sensitive information aside, cyber criminals have also come up with innovative ways to profit and generate revenue from these mobile devices. Ransomware on mobile phones for example, locks devices or encrypts data, forcing victims and organizations to pay a ransom in return for access.
Back to basics with cyber awareness and good security hygiene
Education is the first step for all organizations looking to strengthen their cyber security posture. By keeping abreast of security risks and trends, employees will know what they should watch out for and organizations can take proactive steps to ensure that their security response is effective.
Every organization’s needs are different whether it is protecting email and network access, cloud access control or even customer business apps. However, they all share a common goal in protecting and controlling access to sensitive business data, while continuing to give employees the flexibility required to be productive. There is no silver bullet to cyber security but mobile security technology can help predict, detect, and protect against physical, malware, network, and vulnerability exploits.
Diving deeper into mobile security, there is no avoiding user behavior as one of the major factors in securing corporate data. With employees in the front lines of information security, and often the most vulnerable to attacks, good cyber hygiene has to be nurtured in the workplace.
Encouraging employees to think proactively about their cyber security behaviors will fortify an organization’s cyber security front. This will also significantly reduce human errors – a weakness that cyber criminals are known to exploit.
Here are some cyber hygiene tips that employees can easily adopt:
• Changing your passwords: Passwords are the simplest form of protection and often the first defense against intrusion. Use strong and unique passwords for mobile, computers, other IoT devices and Wi-Fi networks. Do not use common or easily guessable passwords such as “123456” or “password”.
• Make sure you have the latest mobile OS version, and all software is up-to-date: Software updates will frequently include patches for newly discovered security vulnerabilities that could be exploited by attackers.
•Be extra careful with links from unknown sources: Malicious popups and websites can be increasingly authentic-looking as cyber attackers become more sophisticated. To avoid falling for such traps, do not click on anything that you do not trust.
• Avoid granting excessive permissions: Read the permissions required before installing an app and ask yourself if they are simply there to acquire data about you. If it is impossible to determine where your data will go and what they will use it for, it might be best to avoid installing the app.
Education is the first step for all organizations looking to strengthen their cyber security posture. By keeping abreast of security risks and trends, employees will know what they should watch out for and organizations can take proactive steps to ensure that their security response is effective.
Every organization’s needs are different whether it is protecting email and network access, cloud access control or even customer business apps. However, they all share a common goal in protecting and controlling access to sensitive business data, while continuing to give employees the flexibility required to be productive. There is no silver bullet to cyber security but mobile security technology can help predict, detect, and protect against physical, malware, network, and vulnerability exploits.
Diving deeper into mobile security, there is no avoiding user behavior as one of the major factors in securing corporate data. With employees in the front lines of information security, and often the most vulnerable to attacks, good cyber hygiene has to be nurtured in the workplace.
Encouraging employees to think proactively about their cyber security behaviors will fortify an organization’s cyber security front. This will also significantly reduce human errors – a weakness that cyber criminals are known to exploit.
Here are some cyber hygiene tips that employees can easily adopt:
• Changing your passwords: Passwords are the simplest form of protection and often the first defense against intrusion. Use strong and unique passwords for mobile, computers, other IoT devices and Wi-Fi networks. Do not use common or easily guessable passwords such as “123456” or “password”.
• Make sure you have the latest mobile OS version, and all software is up-to-date: Software updates will frequently include patches for newly discovered security vulnerabilities that could be exploited by attackers.
•Be extra careful with links from unknown sources: Malicious popups and websites can be increasingly authentic-looking as cyber attackers become more sophisticated. To avoid falling for such traps, do not click on anything that you do not trust.
• Avoid granting excessive permissions: Read the permissions required before installing an app and ask yourself if they are simply there to acquire data about you. If it is impossible to determine where your data will go and what they will use it for, it might be best to avoid installing the app.
Read Also
Enterprise Digital Transformation is not for the faint hearted: Guiding principles for a enterprise-wide digital transformation
Linda Zeelie, Enterprise Digital Transformation Architect and Leader, Metlife and Nina Evans (Professorial lead: UniSA STEM, University of South Australia (UniSA))
Digital Transformation/Modernisation, It is a Continuous Journey
Fahad Najeeb, Head of Data Platforms and Engineering, Latitude Financial Services
Drive Digital Transformation with a human-centric approach
Julius Zhu, Director, Digital Transformation and IT, Aptiv
